For the following terms find the correct definition below. Each definition is used only once there are two terms that are not used.

Managing an organization in a fair, transparent and accountable manner to protect the interests of all the stakeholder groups

A framework for IT governance

The purpose of this control is to reduce the risk of loss caused by employee theft

The policies, plans, and procedures management uses to protect company assets

Software that interfaces with suppliers and customers

A control procedure that reduces to practically zero the risk of an undetected error or irregularity

A process whereby management identifies possible events that represent a problem to the firm and then identifies appropriate responses to those problems

Establishes the tone of a company and influences the control awareness of the companys employees

An example of this control is to assign these three functions to different employees: authorizing transactions, recording transactions, and maintaining custody of assets

An example of this type of control is a firewall to prevent unauthorized access to the companys network

An example of this type of control is a change to the companys procedures for creating backup copies of important business files

When companies have production or work completed in countries like India, China, Canada, Mexico, or Malaysia

Examples of this type of control are: log monitoring and review, system audits, file integrity checkers, and motion detection

The purpose of this procedure is to classify each potential risk by mitigation cost and also by likelihood of occurrence

The purpose of this framework is to achieve effective governance of IT

Reaffirms that management is responsible for an adequate internal control structure

Includes a combination of manual and automated controls such as approvals, authorizations, verifications, reconciliations, reviews of operating performance, and segregation of duties

ideal control

scenario planning

COBIT

detective controls

SOX, Section 404

control activities

fidelity bond

risk matrix

preventive controls

Val IT

control environment

separation of duties

corporate governance

internal control

corrective controls